Black Hat Europe, Day 2: The day that wasn't and Black Hat Europe, Day 3: Begin the presentations

Black Hat Europe, Day 2: The day that wasn't and Black Hat Europe, Day 3: Begin the presentations

Summary: If you haven't seen it yet, you can check out Day 1 of my coverage of Black Hat Europe 2008 here.  So, for those of you looking forward to a Black Hat Day 2 update with some more from the training sessions...

SHARE:
TOPICS: Security
4

If you haven't seen it yet, you can check out Day 1 of my coverage of Black Hat Europe 2008 here.  So, for those of you looking forward to a Black Hat Day 2 update with some more from the training sessions... I'm afraid it didn't happen. I had intended to hook up with Adam Laurie for a discussion of his "Invisible Network, Invisible Risk" training course which is a focused wireless security class, but I just couldn't make it happen as there was too much to do around Amsterdam, and seriously, I needed the day off. So for me, this was the Black Hat day that wasn't, but I did get a chance to speak with Laurie late yesterday and will create an update to Day 2 later.

Onto Day 3, and we're into the presentations. I bounced back and forth between PDP's talk on "Client-side Security" and Christopher Tarnovsky's "Security Failures in Secure Devices". I found both talks to be interesting with PDP's talk more directly applying to the research that I'm involved in, and Tarnovsky's talk more focused on something I have not looked into.

Tarnovsky discussed attacks against various semiconductors, which was quite interesting. He used Hydrofluoric Acid to eat away areas of the chips so that he could connect pins to the devices and begin reading the EEPROM (Electrically Erasable Programmable Read-Only Memory). While I didn't find this particularly useful to myself, it was certainly an entertaining talk about the security of semiconductors.

As I said, PDP's talk more directly related to research that I'm interested in and focused on a lot of the various attack vectors that PDP and his Gnucitizen group have been involved with throughout the last year. I'd recommend people take a look at his slides once they are posted, as his talk had a lot of good places to look for those involved in Web application assessments.

For the next round of talks, I attended Feng Xue's (aka Sowhat) talk on "Attacking Anti-Virus Software", which I found to be entertaining and completely what I expected. He started with some interesting thoughts on the use of AV and its role in the security arena:

  • Over 80% of people use Anti-Virus products
  • Most of those people believe that their Anti-Virus is a key component of protection

After this, "Sowhat" got into a discussion of what these flaws are and where to look:

So, as the talk got to flowing, "Sowhat" made it clear that he had a couple of 0-days that he was going to show us, but not release; however, when showing the demo, I think a few of us (David Weston, Rob Carter, and I) saw it as pretty clear what was happening and were a bit surprised as to the ease with which a little fuzzing could yield a bug on these highly critical applications.

After "Sowhat's" talk I moved on to the "CrackStation" talk by Nick Breese, which turned out to be fairly interesting. Breese has taken advantage of the Vector processing and multiple SPU's that have made the PS3 a very powerful gaming machine and used that to make it a very powerful password cracking machine. One of the key claims made that showed the huge upside of this setup was, "The current upper limit on Intel-based systems is 10-15 million cycles per second, but on the CrackStation, we can get up to 1.4 billion cycles per second." There was no detailed mathematical proof of this number that I saw during the presentation, but the claim if true is astounding.

Day 3 wrapped up into a night out on the town with several good friends, Billy Rios, Nitesh Dhanjani, Rob Carter, David Weston and his girlfriend, and Tiller Beauchamp and his girlfriend; which unfortunately had to be cut short for Rob and I as we were speaking first thing in the morning the next day and had our talk trimmed from 70 minutes to 50 minutes.

Check back for more on Day 4 of Black Hat as well as my interview with Adam Laurie from Day 2.

-Nate

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Too much to do ...

    ... you found the coffee shops then ;-)
    mark@...
    • RE: Too much to do...

      Haha, to right you are my friend. You can see a nice picture of the Bulldog in my photo gallery. Besides the coffee shops, I was pretty well entranced by the architecture of Amsterdam. It's a beautiful city with all the waterways, old buildings, statues, museums. I got a chance to go out to Leidseplein and see so many great sites. The museums are amazing, the large open field between them gives stunning views.

      -Nate
      nmcfeters
  • 1.4 billion cycles per second probably true

    IIRC there was a recent article about a fellow who linked a bunch of PS3s together to create a super computer to model black holes.

    "University of Massachusetts astrophysicist Gaurav Khanna has strung together 16 PS consoles to simulate gravity waves that occur when two black holes collide, the British magazine says."
    "Scientists using PS3 to model black holes, drug molecules", AFP, Published: Wednesday, February 13, 2008, http://www.canada.com/topics/technology/games/story.html?id=9f11b7ef-6d11-4afd-83a5-5f1fb2f62ef9&k=54845, 31 March 2008.

    The talk by Nick Breese about "Crackstation" is probably an exposition of the article found here:
    "Hacker Uses Sony PlayStation 3 to Crack Passwords", GamePro Staff,
    Wednesday, November 28, 2007 3:00 PM PST, http://www.pcworld.com/article/id,140064-c,gameconsoles/article.html, 31 March, 2008.
    Dr_Zinj
    • RE: Very Nice!

      Thanks for the tie in article. That's super cool that they're using the PS3 to discover black holes.
      nmcfeters